This invention relates generally to processing within a computing environment, and more particularly to advanced authentication technology for computing devices.
Traditional text password based security systems often fail because users need to memorize multiple complicated passwords. Even the most complex passwords are vulnerable to keyloggers, which can intercept legitimate passwords and render them useless. Even less sophisticated techniques can be used to determine a password. Phishing, for example, which involves deceiving someone by providing them with a link that purports to be a legitimate site, but is instead a cleverly conceived fraudulent copy of the original site which is designed to capture their password, can compromise even a secure password. In some instances, even someone looking over one's shoulder in a crowded space to obtain a password may compromise a secure password.
Attempts by application developers and device manufacturers to add security to their systems often require obscure combinations of upper and lower case letters, numbers, and symbols. Although these techniques may be effective against brute force techniques of password discovery, they are still vulnerable to the methods described above. Furthermore, the addition of these requirements makes passwords more difficult to remember, which often leads to a user writing the password down, leaving them more vulnerable then they would otherwise have been.